CPE-13455EF4-B393-4B9B-878D-FE8B5E9DB2E3 Detail

CPE Details

WinZip 8.0

Vendor

winzip

Product

winzip

Version

8.0

Created

2007-08-23
19h16 +00:00

Modified

2009-11-25
17h50 +00:00

Official links

CPE NVD

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Notifications manage

List of Notifications

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Parameters

You can specify a title that will be retrieved in the alerts that will be sent out.

CPE ID

Planning

Month

Next run calculation

Day

Weekday

Hour

Minute

Creation date

Last execution

Next execution

Functionality requiring a connection

This feature, which allows you to receive alerts, is only active when you are logged into your account.

CPE Name: cpe:2.3:a:winzip:winzip:8.0:::::::*

Informations

Vendor

winzip

Product

winzip

Version

8.0

Related CVE

Open and find in CVE List

CVE ID	Published	Description	Score	Severity
CVE-2024-8811	2024-11-22 21h03 +00:00	WinZip Mark-of-the-Web Bypass Vulnerability. This vulnerability allows remote attackers to bypass the Mark-of-the-Web protection mechanism on affected installations of WinZip. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of archive files. When opening an archive that bears the Mark-of-the-Web, WinZip removes the Mark-of-the-Web from the archive file. Following extraction, the extracted files also lack the Mark-of-the-Web. An attacker can leverage this vulnerability to execute arbitrary code in the context of the current user. Was ZDI-CAN-23983.	7.8	High
CVE-2008-3442	2008-08-01 14h00 +00:00	WinZip before 11.0 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning.	7.5
CVE-2003-1376	2007-10-19 08h00 +00:00	WinZip 8.0 uses weak random number generation for password protected ZIP files, which allows local users to brute force the encryption keys and extract the data from the zip file by guessing the state of the stream coder.	4.6
CVE-2006-3890	2006-11-21 21h00 +00:00	Stack-based buffer overflow in the Sky Software FileView ActiveX control, as used in WinZip 10 before build 7245 and in certain other applications, allows remote attackers to execute arbitrary code via a long FilePattern attribute in a WZFILEVIEW object, a different vulnerability than CVE-2006-5198.	9.3
CVE-2004-1465	2005-02-13 04h00 +00:00	Multiple buffer overflows in WinZip 9.0 and earlier may allow attackers to execute arbitrary code via multiple vectors, including the command line.	3.7
CVE-2004-0333	2004-03-18 04h00 +00:00	Buffer overflow in the UUDeview package, as used in WinZip 6.2 through WinZip 8.1 SR-1, and possibly other packages, allows remote attackers to execute arbitrary code via a MIME archive with certain long MIME parameters.	10
CVE-2001-0449	2002-03-09 04h00 +00:00	Buffer overflow in WinZip 8.0 allows attackers to execute arbitrary commands via a long file name that is processed by the /zipandemail command line option.	4.6

WinZip 8.0

CPE Details

CPE Name: cpe:2.3:a:winzip:winzip:8.0:*:*:*:*:*:*:*

Informations

Vendor

Product

Version

Related CVE

CPE Name: cpe:2.3:a:winzip:winzip:8.0:::::::*